2012-03-08 13:30:13 +05:30
|
|
|
#!/usr/bin/perl
|
|
|
|
|
|
|
|
# gitolite shell, invoked from ~/.ssh/authorized_keys
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
2012-03-10 18:56:29 +05:30
|
|
|
use FindBin;
|
2012-03-08 13:30:13 +05:30
|
|
|
|
2012-03-10 18:56:29 +05:30
|
|
|
BEGIN { $ENV{GL_BINDIR} = $FindBin::RealBin; }
|
2012-04-06 20:29:05 +05:30
|
|
|
BEGIN { $ENV{GL_LIBDIR} = "$ENV{GL_BINDIR}/lib"; }
|
|
|
|
use lib $ENV{GL_LIBDIR};
|
2012-03-08 13:30:13 +05:30
|
|
|
use Gitolite::Rc;
|
|
|
|
use Gitolite::Common;
|
|
|
|
use Gitolite::Conf::Load;
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use warnings;
|
2012-03-12 20:54:30 +05:30
|
|
|
|
|
|
|
# the main() sub expects ssh-ish things; set them up...
|
2012-03-21 16:23:50 +05:30
|
|
|
my $id = '';
|
2012-03-12 20:54:30 +05:30
|
|
|
if ( exists $ENV{G3T_USER} ) {
|
2012-03-30 06:11:06 +05:30
|
|
|
$id = in_file(); # file:// masquerading as ssh:// for easy testing
|
2012-03-12 20:54:30 +05:30
|
|
|
} elsif ( exists $ENV{SSH_CONNECTION} ) {
|
2012-03-21 16:23:50 +05:30
|
|
|
$id = in_ssh();
|
2012-03-12 20:54:30 +05:30
|
|
|
} elsif ( exists $ENV{REQUEST_URI} ) {
|
2012-03-21 16:23:50 +05:30
|
|
|
$id = in_http();
|
2012-03-12 20:54:30 +05:30
|
|
|
} else {
|
|
|
|
_die "who the *heck* are you?";
|
|
|
|
}
|
|
|
|
|
2012-03-30 09:30:13 +05:30
|
|
|
trigger('INPUT');
|
|
|
|
|
2012-03-21 16:23:50 +05:30
|
|
|
main($id);
|
|
|
|
|
2012-03-30 06:11:06 +05:30
|
|
|
gl_log('END') if $$ == $ENV{GL_TID};
|
2012-03-12 20:54:30 +05:30
|
|
|
|
|
|
|
exit 0;
|
2012-03-08 13:30:13 +05:30
|
|
|
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
2012-03-30 06:11:06 +05:30
|
|
|
sub in_file {
|
|
|
|
gl_log( 'file', "ARGV=" . join( ",", @ARGV ), "SOC=$ENV{SSH_ORIGINAL_COMMAND}" );
|
|
|
|
|
2012-03-19 07:49:01 +05:30
|
|
|
if ( $ENV{SSH_ORIGINAL_COMMAND} =~ /git-\w+-pack/ ) {
|
2012-03-18 10:01:07 +05:30
|
|
|
print STDERR "TRACE: gsh(", join( ")(", @ARGV ), ")\n";
|
|
|
|
print STDERR "TRACE: gsh(SOC=$ENV{SSH_ORIGINAL_COMMAND})\n";
|
|
|
|
}
|
2012-03-30 06:11:06 +05:30
|
|
|
return 'file';
|
2012-03-12 20:54:30 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
sub in_http {
|
|
|
|
_die 'http not yet implemented...';
|
|
|
|
}
|
|
|
|
|
|
|
|
sub in_ssh {
|
2012-03-30 06:11:06 +05:30
|
|
|
my $ip;
|
|
|
|
( $ip = $ENV{SSH_CONNECTION} || '(no-IP)' ) =~ s/ .*//;
|
|
|
|
|
2012-04-03 09:44:43 +05:30
|
|
|
gl_log( 'ssh', "ARGV=" . join( ",", @ARGV ), "SOC=" . ( $ENV{SSH_ORIGINAL_COMMAND} || ''), "FROM=$ip" );
|
2012-03-30 06:11:06 +05:30
|
|
|
|
2012-03-20 23:51:18 +05:30
|
|
|
$ENV{SSH_ORIGINAL_COMMAND} ||= '';
|
|
|
|
my $soc = $ENV{SSH_ORIGINAL_COMMAND};
|
|
|
|
$soc =~ s/[\n\r]+/<<newline>>/g;
|
|
|
|
_die "I don't like newlines in the command: $soc\n" if $ENV{SSH_ORIGINAL_COMMAND} ne $soc;
|
2012-03-21 16:23:50 +05:30
|
|
|
|
|
|
|
return $ip;
|
2012-03-12 20:54:30 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
# ----------------------------------------------------------------------
|
2012-03-08 13:30:13 +05:30
|
|
|
|
2012-03-12 20:54:30 +05:30
|
|
|
# call this once you are sure arg-1 is the username and SSH_ORIGINAL_COMMAND
|
|
|
|
# has been setup (even if it's not actually coming via ssh).
|
|
|
|
sub main {
|
2012-03-21 16:23:50 +05:30
|
|
|
my $id = shift;
|
|
|
|
|
2012-03-15 21:59:36 +05:30
|
|
|
umask $rc{UMASK};
|
|
|
|
|
2012-03-12 20:54:30 +05:30
|
|
|
# set up the user
|
|
|
|
my $user = $ENV{GL_USER} = shift @ARGV;
|
2012-03-08 13:30:13 +05:30
|
|
|
|
2012-03-12 20:54:30 +05:30
|
|
|
# set up the repo and the attempted access
|
2012-03-15 20:04:30 +05:30
|
|
|
my ( $verb, $repo ) = parse_soc(); # returns only for git commands
|
2012-03-12 20:54:30 +05:30
|
|
|
sanity($repo);
|
|
|
|
$ENV{GL_REPO} = $repo;
|
|
|
|
my $aa = ( $verb =~ 'upload' ? 'R' : 'W' );
|
2012-03-08 13:30:13 +05:30
|
|
|
|
2012-03-17 07:00:17 +05:30
|
|
|
# auto-create?
|
|
|
|
if ( repo_missing($repo) and access( $repo, $user, '^C', 'any' ) !~ /DENIED/ ) {
|
|
|
|
require Gitolite::Conf::Store;
|
|
|
|
Gitolite::Conf::Store->import;
|
|
|
|
new_wild_repo( $repo, $user );
|
2012-03-21 16:23:50 +05:30
|
|
|
gl_log( 'create', $repo, $user );
|
2012-03-17 07:00:17 +05:30
|
|
|
}
|
|
|
|
|
2012-03-12 20:54:30 +05:30
|
|
|
# a ref of 'any' signifies that this is a pre-git check, where we don't
|
|
|
|
# yet know the ref that will be eventually pushed (and even that won't
|
|
|
|
# apply if it's a read operation). See the matching code in access() for
|
|
|
|
# more information.
|
2012-03-30 06:11:06 +05:30
|
|
|
unless ( $ENV{GL_BYPASS_ACCESS_CHECKS} ) {
|
2012-03-28 15:25:32 +05:30
|
|
|
my $ret = access( $repo, $user, $aa, 'any' );
|
|
|
|
trace( 1, "access($repo, $user, $aa, 'any')", "-> $ret" );
|
|
|
|
trigger( 'ACCESS_1', $repo, $user, $aa, 'any', $ret );
|
|
|
|
_die $ret . "\n(or you mis-spelled the reponame)" if $ret =~ /DENIED/;
|
2012-03-30 06:11:06 +05:30
|
|
|
|
|
|
|
gl_log( "pre_git", $repo, $user, $aa, 'any', "-> $ret" );
|
2012-03-28 15:25:32 +05:30
|
|
|
}
|
2012-03-12 20:54:30 +05:30
|
|
|
|
2012-03-19 07:49:01 +05:30
|
|
|
trigger( 'PRE_GIT', $repo, $user, $aa, 'any', $verb );
|
2012-03-20 12:51:00 +05:30
|
|
|
my $repodir = "'$rc{GL_REPO_BASE}/$repo.git'";
|
|
|
|
_system( "git", "shell", "-c", "$verb $repodir" );
|
2012-04-06 06:27:34 +05:30
|
|
|
trigger( 'POST_GIT', $repo, $user, $aa, 'any', $verb );
|
2012-03-12 20:54:30 +05:30
|
|
|
}
|
2012-03-08 13:30:13 +05:30
|
|
|
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
2012-03-12 20:54:30 +05:30
|
|
|
sub parse_soc {
|
2012-03-08 13:30:13 +05:30
|
|
|
my $soc = $ENV{SSH_ORIGINAL_COMMAND};
|
2012-03-12 20:54:30 +05:30
|
|
|
$soc ||= 'info';
|
|
|
|
|
2012-03-22 05:31:17 +05:30
|
|
|
my $git_commands = "git-upload-pack|git-receive-pack|git-upload-archive";
|
|
|
|
if ( $soc =~ m(^($git_commands) '/?(.*?)(?:\.git(\d)?)?'$) ) {
|
2012-03-15 21:49:47 +05:30
|
|
|
my ( $verb, $repo, $trace_level ) = ( $1, $2, $3 );
|
|
|
|
$ENV{D} = $trace_level if $trace_level;
|
2012-03-12 20:54:30 +05:30
|
|
|
_die "invalid repo name: '$repo'" if $repo !~ $REPONAME_PATT;
|
2012-03-15 21:00:39 +05:30
|
|
|
trace( 2, "git command", $soc );
|
2012-03-15 20:04:30 +05:30
|
|
|
return ( $verb, $repo );
|
2012-03-12 20:54:30 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
# after this we should not return; caller expects us to handle it all here
|
|
|
|
# and exit out
|
|
|
|
|
|
|
|
_die "suspicious characters loitering about '$soc'" if $soc !~ $REMOTE_COMMAND_PATT;
|
|
|
|
|
|
|
|
my @words = split ' ', $soc;
|
2012-03-15 20:04:30 +05:30
|
|
|
if ( $rc{COMMANDS}{ $words[0] } ) {
|
2012-03-15 21:00:39 +05:30
|
|
|
trace( 2, "gitolite command", $soc );
|
2012-03-15 20:04:30 +05:30
|
|
|
_system( "gitolite", @words );
|
2012-03-12 20:54:30 +05:30
|
|
|
exit 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
_die "unknown git/gitolite command: $soc";
|
2012-03-08 13:30:13 +05:30
|
|
|
}
|
|
|
|
|
|
|
|
sub sanity {
|
|
|
|
my $repo = shift;
|
|
|
|
_die "'$repo' contains bad characters" if $repo !~ $REPONAME_PATT;
|
|
|
|
_die "'$repo' ends with a '/'" if $repo =~ m(/$);
|
|
|
|
_die "'$repo' contains '..'" if $repo =~ m(\.\.$);
|
|
|
|
}
|